6.8
CVE-2024-5913
- EPSS 0.12%
- Veröffentlicht 10.07.2024 19:15:11
- Zuletzt bearbeitet 24.01.2025 16:00:42
- Quelle psirt@paloaltonetworks.com
- CVE-Watchlists
- Unerledigt
LoginPAN-OS: Improper Input Validation Vulnerability in PAN-OS
An improper input validation vulnerability in Palo Alto Networks PAN-OS software enables an attacker with the ability to tamper with the physical file system to elevate privileges.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Paloaltonetworks ≫ Pan-os Version >= 10.1.0 < 10.1.14
Paloaltonetworks ≫ Pan-os Version >= 10.2.0 < 10.2.10
Paloaltonetworks ≫ Pan-os Version >= 11.0.0 < 11.0.5
Paloaltonetworks ≫ Pan-os Version >= 11.1.0 < 11.1.4
Paloaltonetworks ≫ Pan-os Version >= 11.2.0 < 11.2.1
Paloaltonetworks ≫ Pan-os Version10.1.14 Update-
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.12% | 0.306 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 0.9 | 5.9 |
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| psirt@paloaltonetworks.com | 6.1 | 0.2 | 5.9 |
CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.